Apparatus and methods for attacking a screening algorithm based on partitioning of content

ABSTRACT

Apparatus and methods for attacking a screening algorithm. Content to be downloaded is identified. The identified content is then partitioned into at least two sections, wherein each of the at least two sections has a duration which is less than a duration of a threshold duration value assigned by the screening algorithm, and the partitioned content is subjected to a screening algorithm. Once the content has been successfully downloaded, the integrity of the downloaded content may be restored by reassembling the sections.

CROSS REFERENCE TO RELATED APPLICATION

This application claims priority to the U.S. provisional patentapplication identified by Ser. No. 60/283,323, filed on Apr. 12, 2001,the disclosure of which is incorporated by reference herein.

FIELD OF THE INVENTION

The present invention relates generally to the field of securecommunication, and more particularly to techniques for attacking ascreening algorithm.

BACKGROUND OF THE INVENTION

Security is an increasingly important concern in the delivery of musicor other types of content over global communication networks such as theInternet. More particularly, the successful implementation of suchnetwork-based content delivery systems depends in large part on ensuringthat content providers receive appropriate copyright royalties and thatthe delivered content cannot be pirated or otherwise subjected tounlawful exploitation.

With regard to delivery of music content, a cooperative developmenteffort known as Secure Digital Music Initiative (SDMI) has recently beenformed by leading recording industry and technology companies. The goalof SDMI is the development of an open, interoperable architecture fordigital music security. This will answer consumer demand for convenientaccessibility to quality digital music, while also providing copyrightprotection so as to protect investment in content development anddelivery. SDMI has produced a standard specification for portable musicdevices, the SDMI Portable Device Specification, Part 1, Version 1.0,1999, and an amendment thereto issued later that year, each of which areincorporated by reference. The longer-term effort of SDMI is an overallarchitecture for delivery of digital music in all forms.

The illicit distribution of copyright material deprives the holder ofthe copyright legitimate royalties for this material, and could providethe supplier of this illicitly distributed material with gains thatencourage continued illicit distributions. In light of the ease ofinformation transfer provided by the Internet, content that is intendedto be copy-protected, such as artistic renderings or other materialhaving limited distribution rights, are susceptible to wide-scaleillicit distribution. For example, the MP3 format for storing andtransmitting compressed audio files has made the wide-scale distributionof audio recordings feasible, because a 30 or 40 megabyte digital audiorecording of a song can be compressed into a 3 or 4 megabyte MP3 file.Using a typical 56 kbps dial-up connection to the Internet, this MP3file can be downloaded to a user's computer in a few minutes. Thus, amalicious party could read songs from an original and legitimate CD,encode the songs into MP3 format, and place the MP3 encoded song on theInternet for wide-scale illicit distribution. Alternatively, themalicious party could provide a direct dial-in service for downloadingthe MP3 encoded song. The illicit copy of the MP3 encoded song can besubsequently rendered by software or hardware devices, or can bedecompressed and stored onto a recordable CD for playback on aconventional CD player.

A number of schemes have been proposed for limiting the reproduction ofcopy-protected content. SDMI and others advocate the use of “digitalwatermarks” to identify authorized content.

U.S. Pat. No. 5,933,798, “Detecting a watermark embedded in aninformation system,” issued Jul. 16, 1997 to Johan P. Linnartz,discloses a technique for watermarking electronic content, and isincorporated by reference herein. As in its paper watermark counterpart,a digital watermark is embedded in the content so as to be detectable,but unobtrusive. An audio playback of a digital music recordingcontaining a watermark, for example, will be substantiallyindistinguishable from a playback of the same recording without thewatermark. A watermark detection device, however, is able to distinguishthese two recordings based on the presence or absence of the watermark.Because some content may not be copy-protected and hence may not containa watermark, the absence of a watermark cannot be used to distinguishlegitimate from illegitimate material.

Other copy protection schemes are also available. For example, EuropeanPatent No. EP983687A2, “Copy Protection Schemes for Copy-protectedDigital Material,” issued Mar. 8, 2000 to Johan P. Linnartz and Johan C.Talstra, presents a technique for the protection of copyright materialvia the use of a watermark “ticket” that controls the number of timesthe protected material may be rendered, and is incorporated by referenceherein.

An accurate reproduction of watermarked content will cause the watermarkto be reproduced in the copy of the watermarked content. An inaccurate,or lossy reproduction of watermarked content, however, may not provide areproduction of the watermark in the copy of the content. A number ofprotection schemes, including those of the SDMI, have taken advantage ofthis characteristic of lossy reproduction to distinguish legitimatecontent from illegitimate content, based on the presence or absence ofan appropriate watermark. In the SDMI scenario, two types of watermarksare defined: “robust” watermarks, and “fragile” watermarks. A robustwatermark is one that is expected to survive a lossy reproduction thatis designed to retain a substantial portion of the original content,such as an MP3 encoding of an audio recording. That is, if thereproduction retains sufficient information to allow a reasonablerendering of the original recording, the robust watermark will also beretained. A fragile watermark, on the other hand, is one that isexpected to be corrupted by a lossy reproduction or other illicittampering.

In the SDMI scheme, the presence of a robust watermark indicates thatthe content is copy-protected, and the absence or corruption of acorresponding fragile watermark when a robust watermark is presentindicates that the copy-protected content has been tampered with in somemanner. An SDMI compliant device is configured to refuse to renderwatermarked material with a corrupted watermark, or with a detectedrobust watermark but an absent fragile watermark, except if thecorruption or absence of the watermark is justified by an“SDMI-certified” process, such as an SDMI compression of copy-protectedcontent for use on a portable player. For ease of reference andunderstanding, the term “render” is used herein to include anyprocessing or transferring of the content, such as playing, recording,converting, validating, storing, loading, and the like. This schemeserves to limit the distribution of content via MP3 or other compressiontechniques, but does not affect the distribution of counterfeitunaltered (uncompressed) reproductions of content material. This limitedprotection is deemed commercially viable, because the cost andinconvenience of downloading an extremely large file to obtain a songwill tend to discourage the theft of uncompressed content.

Despite SDMI and other ongoing efforts, existing techniques for securedistribution of music and other content suffer from a number ofsignificant drawbacks. For example, SDMI has recently proposed the useof a new screening algorithm referred to as SDMI Lite. The SDMI Litealgorithm essentially screens a limited number of segments of thecontent which is being downloaded. Moreover, the algorithm only screenssegments having a predetermined duration of time. Prior to adopting thisscreening algorithm industry wide, apparatus and methods must beidentified which would successfully circumvent proposed screeningalgorithms.

SUMMARY OF THE INVENTION

The present invention provides apparatus and methods for attacking andcircumventing a screening algorithm e.g., the above-noted SDMI Litescreening algorithm. The invention in an illustrative embodimentinvolves the partitioning of content to the point where the attacker'schance of successfully admitting the illicit content is greatlyimproved.

An advantage of the present invention is that it identifies at least onefault in a security screening algorithm. It is only through thedetection and identification of faults that the underlying screeningalgorithm can be improved to provide convenient, efficient andcost-effective protection for all content providers.

In accordance with one aspect of the invention, a method of attacking ascreening algorithm includes the steps of identifying content to beadmitted, partitioning the content into at least two sections whereineach of the at least two sections has a duration which is less than aduration of a threshold duration value assigned by the screeningalgorithm, and subjecting the content to the screening algorithm. Oncethe content has been successfully admitted, the integrity of theadmitted content may be restored by reassembling the sections.

These and other features and advantages of the present invention willbecome more apparent from the accompanying drawings and the followingdetailed description.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic diagram illustrating an illustrative embodiment ofthe present invention;

FIG. 2 is a flow diagram illustrating the steps of a method of attack ona screening algorithm in accordance with an illustrative embodiment ofthe present invention;

FIG. 3 is a diagram illustrating an example of the steps of a method ofattack on a screening algorithm in accordance with the embodimentdescribed with reference to FIG. 2;

FIG. 4 is a flow diagram illustrating the steps of a method of attack ona screening algorithm in accordance with another illustrative embodimentof the present invention;

FIG. 5 is a diagram illustrating an example of the steps of a method ofattack on a screening algorithm in accordance with the embodimentdescribed with reference to FIG. 4; and

FIG. 6 is a flow diagram illustrating the steps of a method of attack ona screening algorithm in accordance with another illustrative embodimentof the present invention.

DETAILED DESCRIPTION OF THE INVENTION

The present invention provides apparatus and methods which attack andcircumvent screening algorithms that rely on a sampling of data, and,specifically, the proposed SDMI Lite and CDSafe screening algorithms.The CDSafe algorithm is described in pending U.S. patent applicationSer. No. 09/536,944, filed Mar. 28, 2000 in the name of inventors ToineStaring, Michael Epstein and Martin Rosner, entitled “Protecting Contentfrom Illicit Reproduction by Proof of Existence of a Complete Data Setvia Self-Referencing Sections,” and is incorporated by reference herein.The methods are based on the concept of partitioning of content to thepoint where the attacker's chances of successfully admitting the illicitcontent are greatly improved.

Advantageously, the invention detects faults in the proposed securityscreening algorithms. It is only through the detection andidentification of faults that the underlying screening algorithm can beimproved to provide convenient, efficient and cost-effective protectionfor all content providers.

One goal of SDMI is to prevent the unlawful and illicit distribution ofcontent on the Internet. In an attempt to accomplish this goal, SDMI hasproposed methods of screening content that has been identified to beadmitted. One such proposal is the previously-mentioned SDMI Litescreening algorithm. The new SDMI Lite screening algorithm was proposedin an attempt to increase the performance of SDMI. The term “downloaded”as that term is used herein is interchangeable with the term admitted.

Generally, the SDMI Lite screening algorithm randomly screens apredetermined number of sections of the marked content to determinewhether the content is legitimate. However, the proposed SDMI Litescreening algorithm only checks sections having a predetermined durationof time. That is, the SDMI Lite screening algorithm will not screensections of content that do not exceed a certain threshold value (suchas, e.g., a section must be at least fifteen seconds long to meet thethreshold value and therefore be subjected to the screening process).Therefore, this and other similar screening algorithms are susceptibleto an attack whereby content is partitioned into sections which areshorter in duration than the predetermined duration of time.

Moreover, another threshold value which is relevant for consideration,in view of an attack on a screening algorithm, is the minimum amount ofcontent material that is required to reliably detect a watermark. Thatis, SDMI may set a window of fifteen seconds (as discussed above) tolaunch the screening algorithm. However, the watermark detector onlyneeds approximately five (5) seconds out of the fifteen second window todetect a watermark. Therefore, screening algorithms are susceptible toan attack whereby content is partitioned into sections which are shorterin duration than the duration of time which is required to detect awatermark.

The present invention is achieved by initiating an attack on a screeningalgorithm by partitioning the content into small sections and passingthese small sections through the screening algorithm. More specifically,with reference to FIG. 1, one method of attacking the proposed SDMI Litescreening algorithm and the CDSafe algorithm is to partition content 12that is identified and proposed to be downloaded from an external sourcesuch as, for example, the Internet 10. As used herein, the term“partition” refers to the act of separating content that the attackerknows to be illegitimate into a number of sections 18, e.g., N sectionsas shown, such that the illegitimate content 12 will pass the screeningalgorithm 14. That is, if the content 12 is partitioned into sectionsthat are small enough to not be detected by the screening algorithm 14(i.e., to not meet the time duration threshold value required by thealgorithm) then such sections 18 will be permitted to pass through thescreen 14. Additionally, by partitioning content 12, the attacker isactually destroying a watermark embedded in content 12, thereby makingthe watermark undetectable to the screening algorithm. Moreover, even ifa small section of the watermark is detected by the screening algorithm,the section of content may not be rejected since the identifyingwatermark has likely been altered beyond recognition, by thepartitioning process.

To complete the attack, once all of the sections 18 have passed throughthe screening algorithm, the partitioned sections are reassembled withina personal computer 16, to restore the integrity of the illicit content.Personal computer 16 is an illustrative example of a processing devicethat may be used to implement, e.g., a program for executing the methodof attacking a screening algorithm described herein. The processingdevice may include a processor and a memory which communicate over atleast a portion of a set of one or more system buses.

Personal computer 16 may be representative of any type of processingdevice for use in implementing at least a portion of a method ofattacking a screening algorithm in accordance with the presentinvention. The elements of personal computer 16 may correspond toconventional elements of such processing devices.

For example, the personal computer may represent a microprocessor,central processing unit (CPU), digital signal processor (DSP), orapplication-specific integrated circuit (ASIC), as well as portions orcombinations of these and other processing devices. The memory istypically an electronic memory, but may comprise or include other typesof storage devices, such as disk-based optical or magnetic memory.

The techniques described herein may be implemented in whole or in partusing software stored and executed using the respective memory andprocessor elements of personal computer 16. It is noted that personalcomputer 16 may include other elements not shown, or other types andarrangements of elements capable of providing the attack functionsdescribed herein.

Referring now to FIG. 2, a flow diagram is shown illustrating a methodof attacking a screening algorithm in accordance with an embodiment ofthe present invention.

The first step 200 in an embodiment of the method of attacking ascreening algorithm in accordance with the present invention is topartition the illicit content into N sections and create a table ofcontents relating to the N sections. The purpose of creating a table ofcontents corresponding to the sections is to allow the attacker to beable to recreate the illicit content once it passes through thescreening algorithm. The duration of each section is, in part, afunction of the screening algorithm. That is, the duration of eachsection is preferably less than the duration of a section thresholdduration value assigned by the screening algorithm.

Once the content is partitioned, the content is recorded in the SDMIdomain in step 210. The SDMI domain represents an environment in whichall SDMI rules and behaviors are obeyed. After recording the content inthe SDMI domain, the content will be subjected to an SDMI screeningalgorithm such as CDSafe or SDMI Lite. Although the content has beenpartitioned, depending on the constraints set in the screeningalgorithm, it is possible that not all of the sections will pass thescreening algorithm on the first pass. Thus, it is expected that, instep 220, the screening algorithm will deny access to at least a portionof the content. However, it is also expected that at least onepartitioned section of the content will be admitted past the screeningalgorithm (i.e., into the SDMI domain). Some variants of the screeningalgorithm may allow detection of a single illicit section to cause thealgorithm to deny access to the content. Therefore, at least two (2) orthree (3) sections will likely be admitted by the screening algorithmwith acceptable probability.

In step 230, content is stepped to allow a new group of sections to besubjected to the screening algorithm. The term “stepping the content,”as used herein, refers to the process of storing the sections that werepreviously admitted and subjecting the remaining content to thescreening algorithm. The section or sections of content that werepermitted to pass the screening algorithm are stored in a memory device,such as a memory device associated with personal computer 16 in FIG. 1.

After stepping the content, in step 240 the content is analyzed todetermine whether all sections of the content have been admitted pastthe screening algorithm. If all sections of the content have not beenadmitted into the SDMI domain, the sections that have been admitted areat least temporarily stored within the SDMI domain and steps 210 through240 are repeated with regard to those sections which were not admitted.This process continues until all sections of the content have beenadmitted into the SDMI domain.

As indicated in step 250, when all sections of the content have passedthe screening algorithm, the partitioned content is re-assembled intoits initial configuration. At this point, the attacker has successfullydownloaded illicit content, thereby circumventing the screeningalgorithm.

Referring now to FIG. 3, a diagram illustrating an example of the stepsof a method of attack on a screening algorithm in accordance with theembodiment described above with reference to FIG. 2 is shown. Initially,a block of content 300 is partitioned into a predetermined number ofsections. In the illustrative embodiment illustrated in FIG. 3, content300 is partitioned into twelve (12) sections. A table of contents (notshown) is created to identify the relative positions of the partitionedsections, such that the attacker will have the ability to re-assemblethe content once it has been admitted into the SDMI domain.

As indicated, the screening algorithm begins the screening process atthe beginning of section one (1). During the screening process, sections1, 2, and 3 were admitted into the SDMI domain (see reference number302) before the screening algorithm detected illicit material and failedat section 4.

Since all sections of the content have not yet passed into the SDMIdomain, to facilitate the step of resubmitting the remaining block ofcontent 306 to the screening algorithm, the three sections 304 that wereadmitted are separated from content 300, and are stored in memory. Theremaining content 306 is submitted to the screening algorithm beginningwith section 4. This is referred to as stepping the content in FIG. 2.After proceeding with the process three times, nine (9) sections 308 ofcontent 300 have been admitted into the SDMI domain and have been storedin memory apart from the remaining content.

The example of FIG. 3 assumes that three (3) sections are admitted eachtime that the content is submitted to the screening algorithm. Thus, forcontent 300 which was partitioned into twelve sections, the procedurewill need to be repeated four times for the entire content to beadmitted into the SDMI domain where it can be re-assembled. The finalstep in the process is to re-assemble the content, as indicated byreference numeral 310.

Referring now to FIG. 4, a flow diagram is shown illustrating the stepsof the method of attack on a screening algorithm based on partitioningof the screened content in accordance with another illustrativeembodiment of the present invention.

The first step 400 in an embodiment of the method of attacking ascreening algorithm in accordance with the present invention is topartition the illicit content into sections. The duration of eachsection is preferably less than the duration of a section thresholdduration value assigned by the screening algorithm. Next, in step 410, atable of contents is created to identify the relative positions of thepartitioned sections, such that the attacker will have the ability tore-assemble the content once it has been admitted into the SDMI domain.

Once the content is partitioned, each section of the content is recordedin the SDMI domain in step 420. Upon recording each section of thecontent in the SDMI domain, the sections will be subjected to an SDMIscreening algorithm such as CDSafe or SDMI Lite before it can beadmitted into the domain.

In the previous embodiment, the entire content was submitted to berecorded in the SDMI domain. In the current embodiment, the content isrecorded in the SDMI domain one section at a time. Therefore, the methodfor attacking the screening algorithm will need to be repeated twelvetimes for content that has been partitioned into twelve sections,depending on the constraints set in the screening algorithm and the sizeof each section. However, due to the fact that the content is beingrecorded one section at a time, it is likely that each of the sectionswill pass the screening algorithm on the first pass.

In step 430, a determination is made as to whether all sections of thecontent are in the SDMI domain. If all sections of the content are notwithin the SDMI domain, the user is instructed to record the nextsection. When all sections of the content have passed the screeningalgorithm, the partitioned content is re-assembled into its initialconfiguration in step 440. At this point, the attacker has successfullydownloaded illicit content, thereby circumventing the screeningalgorithm.

In an alternative to the embodiment described with reference to FIG. 4,the duration of each section which the content is divided into is madesmaller than previously contemplated. More specifically, the duration ofeach section is preferably shorter than the feasible duration necessaryto read a watermark. For example, the duration of each section may be inthe range of about 0.1 seconds to about 1.5 seconds. Therefore, thesmaller sections will have a greater likelihood of passing through thescreening algorithm.

In the current embodiment, the content to be recorded in the SDMI domainhas been partitioned into sections that are so short that it is likelythat the screening algorithms will not be launched since the duration ofeach section will not meet the minimum threshold value of the screeningalgorithm. Moreover, even if the screening algorithm is launched, it isvery likely that the sections will be admitted to the domain since thealgorithms will not recognize a readable watermark. The method forattacking the screening algorithm will need to be repeated for each ofthe plurality of sections of content until each of the sections is inthe SDMI domain.

Referring now to FIG. 5, a diagram illustrating an example of the stepsof a method of attack on a screening algorithm in accordance with theembodiment described with reference to FIG. 4 is shown. Initially, ablock of content is partitioned into a predetermined number of sections(not shown). In the illustrative embodiment illustrated in FIG. 5, thecontent is partitioned into twelve (12) sections. As shown, only onesection 500 is submitted to the screening algorithm at a time. Thus, forcontent that was partitioned into twelve sections, the procedure willneed to be repeated twelve times for the entire content to be admittedinto the SDMI domain. The final step in the process (after the entirecontent is in the SDMI domain) is to re-assemble the content, asindicated by reference numeral 510.

Referring now to FIG. 6, a flow diagram is shown illustrating the stepsof a method of attack on a SDMI screening algorithm based onpartitioning of the screened content in accordance with yet anotherillustrative embodiment of the present invention.

The embodiment described with reference to FIG. 6 recognizes the factthat partitioning the content into a plurality of sections of shorterduration will cause the rate of transfer of data from the source to theSDMI domain to decrease. Therefore, to increase the rate of transfer, itis contemplated that the plurality of sections of content may be joinedtogether in groups so that they are recorded in the SDMI domain inlarger blocks. Preferably, the groups are formed randomly.Advantageously, by first partitioning the content into such smallsections and then recombining the sections randomly, any watermarks thatmay have existed in the original content will not be legible in therandomly combined block and will therefore pass through the screeningalgorithm.

Accordingly, the first step 600 in this embodiment of the presentinvention is to partition the illicit content into a plurality ofsections. Next, in step 610, a table of contents relating to theoriginal order of the sections is created. Although FIGS. 2, 4 and 6illustrate the partitioning step taking place prior to creating thetable of contents, it is to be appreciated that the table of contentsmay be created before the content is partitioned.

In step 615, at least two of the sections are joined together. Thesections to be joined are chosen randomly to further scramble anywatermark that may exist in the sections. Once the content is accountedfor in the table of contents, partitioned, and rejoined into largersections, each joined section of the content is recorded in the SDMIdomain in step 620. Upon recording each section of the content in theSDMI domain, the sections will be subjected to an SDMI screeningalgorithm such as SDMI Lite or CDSafe before they can be admitted in thedomain.

In step 630, a determination is made as to whether all sections of thecontent are in the SDMI domain. If all sections of the content are notwithin the SDMI domain, the user is instructed to record the nextsection. When all sections of the content have passed the screeningalgorithm, the partitioned content is reassembled into its initialconfiguration in step 640. At this point, the attacker has successfullydownloaded illicit content, thereby circumventing the screeningalgorithm.

The above-described embodiments of the invention are intended to beillustrative only. For example, it is contemplated that the sections maybe shuffled out of their original order, or otherwise mixed up to makeit more difficult for the screening algorithm to detect illicit content.For example, where the content is a digital content, the content may bepartitioned into sections and the sections may be shuffled via a digitalsignal processor as is known to one having ordinary skill in the art.Under this scenario, the establishment of an accurate and comprehensivetable of contents is important. Additionally, although the presentinvention is described with reference to the SDMI Lite and CDSafescreening algorithms, the present invention may be applied to anyscreening algorithm. These and numerous other embodiments within thescope of the following claims will be apparent to those skilled in theart.

1. A processor-implemented method of attacking a screening algorithmcomprising: identifying content to be downloaded by inputting thecontent to a processing device; partitioning the content using a programexecuted by the processing device into at least two sections whereineach of the at least two sections has a duration that is less than athreshold duration value assigned by the screening algorithm; subjectingthe partitioned content to the screening algorithm; and restoring theintegrity of the content by reassembling the at least two sectionssubsequent to the at least two sections passing through the screeningalgorithm.
 2. The method of claim 1, wherein the screening algorithm isa Secure Digital Musical Initiative screening algorithm.
 3. The methodof claim 1, wherein the screening algorithm relies on a sampling datacontained within the content.
 4. The method of claim , wherein thecontent is downloaded from the Internet.
 5. The method of claim 1,further comprising writing the content to a memory device subsequent tothe content being subjected to and passing the screening algorithm. 6.The method of claim 1, wherein the duration of each of the at least twosections is in the range of about 0.1 seconds to about 1.5 seconds. 7.The method of claim 1, wherein the content is subjected to the screeningalgorithm one section at a time.
 8. The method of claim 1, furthercomprising determining whether all of the sections of the content havepassed through the screening algorithm.
 9. The method of claim 1,wherein the sections of content are combined in groups prior to thescreening algorithm.
 10. The method of claim 9 wherein the sections ofcontent are randomly combined in groups.
 11. The method of claim 1,further comprising shuffling the sections of content prior to thesections being subjected to the screening algorithm.
 12. The method ofclaim 1, further comprising creating a table of contents relating to theorder of the sections of the content.
 13. An apparatus for attacking ascreening algorithm comprising a processing device that includes aprocessor and a memory, the processor being configured to: identifycontent to be downloaded; partition the identified content into at leasttwo sections; and restore the integrity of the content by reassemblingthe at least two sections subsequent to the at least two sectionspassing through the screening; and subject the partitioned content tothe screening algorithm, wherein each of the at least two sections has aduration that is less than a duration of a threshold duration valueassigned by the screening algorithm.
 14. An article of manufacture forattacking a screening algorithm, the article comprising a machinereadable medium containing one or more programs which when executedimplement the steps of: identifying content to be downloaded and;partitioning the content into at least two sections, wherein each of theat least two sections has a duration that is less than a duration of athreshold duration value assigned by the screening algorithm; subjectingThe partitioned content to the screening algorithm; and restoring theintegrity of the content by reassembling the at least two sectionssubsequent to the at least two sections passing through the screeningalgorithm.